X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/1267366d66cadcc09972721bf7381f96f8fe73d6..cac9d1111f86a7ff6da2176e3069dec4484154d4:/lib/config/load_test.go diff --git a/lib/config/load_test.go b/lib/config/load_test.go index 17e0af7ba0..91bd6a7439 100644 --- a/lib/config/load_test.go +++ b/lib/config/load_test.go @@ -15,8 +15,8 @@ import ( "strings" "testing" - "git.curoverse.com/arvados.git/sdk/go/arvados" - "git.curoverse.com/arvados.git/sdk/go/ctxlog" + "git.arvados.org/arvados.git/sdk/go/arvados" + "git.arvados.org/arvados.git/sdk/go/ctxlog" "github.com/ghodss/yaml" "github.com/sirupsen/logrus" check "gopkg.in/check.v1" @@ -46,6 +46,12 @@ func testLoader(c *check.C, configdata string, logdst io.Writer) *Loader { type LoadSuite struct{} +func (s *LoadSuite) SetUpSuite(c *check.C) { + os.Unsetenv("ARVADOS_API_HOST") + os.Unsetenv("ARVADOS_API_HOST_INSECURE") + os.Unsetenv("ARVADOS_API_TOKEN") +} + func (s *LoadSuite) TestEmpty(c *check.C) { cfg, err := testLoader(c, "", nil).Load() c.Check(cfg, check.IsNil) @@ -158,6 +164,7 @@ func (s *LoadSuite) TestSampleKeys(c *check.C) { cfg, err := testLoader(c, yaml, nil).Load() c.Assert(err, check.IsNil) cc, err := cfg.GetCluster("z1111") + c.Assert(err, check.IsNil) _, hasSample := cc.InstanceTypes["SAMPLE"] c.Check(hasSample, check.Equals, false) if strings.Contains(yaml, "Foo") { @@ -185,6 +192,10 @@ func (s *LoadSuite) TestDeprecatedOrUnknownWarning(c *check.C) { _, err := testLoader(c, ` Clusters: zzzzz: + ManagementToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + SystemRootToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + Collections: + BlobSigningKey: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa postgresql: {} BadKey: {} Containers: {} @@ -254,6 +265,10 @@ func (s *LoadSuite) TestNoUnrecognizedKeysInDefaultConfig(c *check.C) { err = yaml.Unmarshal(buf, &loaded) c.Assert(err, check.IsNil) + c.Check(logbuf.String(), check.Matches, `(?ms).*SystemRootToken: secret token is not set.*`) + c.Check(logbuf.String(), check.Matches, `(?ms).*ManagementToken: secret token is not set.*`) + c.Check(logbuf.String(), check.Matches, `(?ms).*Collections.BlobSigningKey: secret token is not set.*`) + logbuf.Reset() loader.logExtraKeys(loaded, supplied, "") c.Check(logbuf.String(), check.Equals, "") } @@ -262,7 +277,13 @@ func (s *LoadSuite) TestNoWarningsForDumpedConfig(c *check.C) { var logbuf bytes.Buffer logger := logrus.New() logger.Out = &logbuf - cfg, err := testLoader(c, `{"Clusters":{"zzzzz":{}}}`, &logbuf).Load() + cfg, err := testLoader(c, ` +Clusters: + zzzzz: + ManagementToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + SystemRootToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + Collections: + BlobSigningKey: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa`, &logbuf).Load() c.Assert(err, check.IsNil) yaml, err := yaml.Marshal(cfg) c.Assert(err, check.IsNil) @@ -272,6 +293,31 @@ func (s *LoadSuite) TestNoWarningsForDumpedConfig(c *check.C) { c.Check(logbuf.String(), check.Equals, "") } +func (s *LoadSuite) TestUnacceptableTokens(c *check.C) { + for _, trial := range []struct { + short bool + configPath string + example string + }{ + {false, "SystemRootToken", "SystemRootToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_b_c"}, + {false, "ManagementToken", "ManagementToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa b c"}, + {false, "ManagementToken", "ManagementToken: \"$aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabc\""}, + {false, "Collections.BlobSigningKey", "Collections: {BlobSigningKey: \"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa⛵\"}"}, + {true, "SystemRootToken", "SystemRootToken: a_b_c"}, + {true, "ManagementToken", "ManagementToken: a b c"}, + {true, "ManagementToken", "ManagementToken: \"$abc\""}, + {true, "Collections.BlobSigningKey", "Collections: {BlobSigningKey: \"⛵\"}"}, + } { + c.Logf("trying bogus config: %s", trial.example) + _, err := testLoader(c, "Clusters:\n zzzzz:\n "+trial.example, nil).Load() + if trial.short { + c.Check(err, check.ErrorMatches, `Clusters.zzzzz.`+trial.configPath+`: unacceptable characters in token.*`) + } else { + c.Check(err, check.ErrorMatches, `Clusters.zzzzz.`+trial.configPath+`: unacceptable characters in token.*`) + } + } +} + func (s *LoadSuite) TestPostgreSQLKeyConflict(c *check.C) { _, err := testLoader(c, ` Clusters: @@ -284,6 +330,45 @@ Clusters: c.Check(err, check.ErrorMatches, `Clusters.zzzzz.PostgreSQL.Connection: multiple entries for "(dbname|host)".*`) } +func (s *LoadSuite) TestBadClusterIDs(c *check.C) { + for _, data := range []string{` +Clusters: + 123456: + ManagementToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + SystemRootToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + Collections: + BlobSigningKey: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +`, ` +Clusters: + 12345: + ManagementToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + SystemRootToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + Collections: + BlobSigningKey: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + RemoteClusters: + Zzzzz: + Host: Zzzzz.arvadosapi.com + Proxy: true +`, ` +Clusters: + abcde: + ManagementToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + SystemRootToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + Collections: + BlobSigningKey: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + Login: + LoginCluster: zz-zz +`, + } { + c.Log(data) + v, err := testLoader(c, data, nil).Load() + if v != nil { + c.Logf("%#v", v.Clusters) + } + c.Check(err, check.ErrorMatches, `.*cluster ID should be 5 alphanumeric characters.*`) + } +} + func (s *LoadSuite) TestBadType(c *check.C) { for _, data := range []string{` Clusters: